Authentication:

It is the process of ensuring the user’s identity and
authenticity ASP.NET allows four types of mode:

1.Windows(Default)

2.Forms

3.Passport

4.None

Windows:

The window
authentication provider allows you to authenticate users based on their window
accounts. This provider uses IIS to perform the actual authentication and then
passes the authenticated identity to your code. This is the default provider
for ASP.NET.

Forms:

The forms authentication provider uses custom HTML
forms to collect authentication information and allows you to use you own logic
to authenticate users. The user’s credentials are then stored in a cookie for
use during the session.

Specify “None” as the authentication provider when
users are not authenticated at all or if you plan to develop custom
authentication code.

Federated
Identity:

It refers to where the user
stores their credentials. Alternatively, FID can be viewed as a way to connect
Identity Management systems together. In FID, a user's credentials are always
stored with the "home" organization (the "identity
provider"). When the user logs into a service, instead of providing
credentials to the service provider, the service provider trusts the identity
provider to validate the credentials. So the user never provides credentials
directly to anybody but the identity provider.

Authorization

Authorization is a process by which a server
determines if the client has permission to use a resource or access a file.

<authorization>

<allowroles ="Admin"/>

<denyusers ="*"/>

</authorization>

Membership

The membership feature is built around two central classes:

1.Membership

2.MembershipUser.

The membership class provides methods for creating users
(represented by the MembershipUser class), as well as common administration
methods for managing users. The users that are created with the membership class represent the authenticated identities
for an ASP.NET application. The key class in the Membership framework is the
membership class, which has methods like:

The central management class for role Manager is the Roles
class. The Roles class provider methods for creating roles and assigning users
to roles. It also provides common administration methods for managing role
information.